Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"Trend Micro Discovers New Java Zero-Day Exploit", via TrendMicro's Blog


  • Please log in to reply
1 reply to this topic

#1 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Quebec, Canada
  • Local time:12:53 AM

Posted 13 July 2015 - 08:12 AM

Zero-day exploits continued to be used in targeted attacks because they are effective, given that software vendors have yet to create patches for them. Throughout our on-going investigation and monitoring of a targeted attack campaign, Operation Pawn Storm, we found suspicious URLs that hosted a newly discovered zero-day exploit in Java. This is the first time in nearly two years that a new Java zero-day vulnerability was reported.

Note that this zero-day exploit is NOT part of the recent slew of vulnerabilities related to the Hacking Team leak. The group behind Operation Pawn Storm is using the Java zero-day exploit as part of their campaign.


Pawn Storm Update: Trend Micro Discovers New Java Zero-Day Exploit

A Java 0-day, now that's scary. Now even the most up to date version of Java (Java 8 Update 45) cannot be considered secure at all.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


BC AdBot (Login to Remove)

 


m

#2 JohnC_21

JohnC_21

  • Members
  • 21,650 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:53 AM

Posted 13 July 2015 - 10:26 AM

I gave up installing Java on a computer unless absolutely needed and then I disable the Java plugin until I need it. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users